Forum Discussion

Nimbostratus

Nov 09, 2018

Enable CORS support

We are trying to enable CORS support so that certain headers and their values get sent through the F5 unmolested. We've tried different versions of "persist" and set headers and inserted headers, bu...

Cumulonimbus

Nov 10, 2018

Under normal traffic flow F5 LTM will not remove any headers unless configured to do so. For CORS you shouldn't need to do anything on the F5 really as long as your backend server configuration is correct.

However, I would say CORS can be difficult to get right so I would confirm that the backend server configuraiton is correct before anything else, test directly bypassing the F5.

Then set the F5 to do no HTTP header manipulation and test see what error messages you are getting on the client and server if things are not working. From that hopefully you can work out if the issue is client or server side.

Check out for a really good explination of how HTTP flow works for CORS: MDN Web Docs: Cross-Origin Resource Sharing (CORS)

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Enable CORS support

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

SSL Orchestrator Advanced Use Cases: Enabling GCloud Organization Restrictions

Enabling F5 Distributed Cloud Fraud and Risk Solutions with ForgeRock Connector

f5 iHealth and Support

Enforcing CORS With LineRate

Howto enable BIG-IP ASM client fingerprinting

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS